#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

defaced | Breaking Cybersecurity News | The Hacker News

NASA 'Space your Face' domain hacked

NASA 'Space your Face' domain hacked

Jan 07, 2013
Another basic security loop-hole in NASA website lead to a Hack. This time hacker going by name " p0ison-r00t " deface a sub domain of NASA ( https://spaceyourface.nasa.gov/ ). The hacked sub domain running a web application using flash, that allow visitors to create some funny videos of Space using Faces. Hacker able to upload his text on the website, as shown in screenshot taken by ' The Hacker News '. We contact hacker to know more about the hack, on asking How ? Hacker said," I found a form on website, accepting file upload but without validating the extension, that allow me to upload a php shell on server ". Hacker also said that because of low privileges he was not able to modify any file, but was able to upload some text on the website, Check here . Mirror of hack also available on Zone-h .
500 Websites defaced by Anonymous Supporters

500 Websites defaced by Anonymous Supporters

Dec 08, 2012
Hacker Supporting Anonymous Group, with his nickname - " PV~E.rr0r " hack 516 websites.  Deface page shows a very cool animated Anonymous logo with text " We unite as one but no one can divide us. Expect us! " Because hacker intention was not to harm the website, so he has not change or delete any file, rather he just just upload his deface page on each site at "/Err0r.html" . In a message, Hacker told The Hacker News that purpose of hacking website is just to show their admins that they are vulnerable and need more security. Hacker also mention on deface page " Hello admin, I am here to warn you about your secrutiy, It kinda sucks 70% Security 30% Dumbness. We hacked this site to put a warning before the Blackhat hackers come. Please cooperate! " Rest at end page reads " We are Anonymous, We are legion, We do not forgive, We do not forget, United as one, Divided by zero, Expect us. #Knowledge is power. Don't learn to ha
How to Find and Fix Risky Sharing in Google Drive

How to Find and Fix Risky Sharing in Google Drive

Mar 06, 2024Data Security / Cloud Security
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.  Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched  Data Protection for Google Drive  to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit. How Material Security helps organ
Algerian Hacker hijack Romanian Google and Yahoo Domain

Algerian Hacker hijack Romanian Google and Yahoo Domain

Nov 28, 2012
Algerian Hacker today hijack DNS Yahoo, Microsoft or Google and Paypal redirect users to a deface page. Credit being taken by Hacker going by name MCA-CRB , a serial website defacer. MCA-CRB is a prolific online graffiti artist who has defaced at least 5,000 sites, according to records kept by Zone-H. After Hijacking both domains resolve to an IP address located in the Netherlands," at 95.128.3.172 (server1.joomlapartner.nl). " When we heard about this incident, we were pretty skeptical about the attack. A site such as Google's can be theoretically hacked, but it is very unlikely. Then we noticed that both domains were directed to an IP address in the Netherlands […], so it seemed more like a DNS poisoning attack ," said Stefan Tanase from Kaspersky Lab Romania. " All we know is that Google's public DNS servers (8.8.8.8 and 8.8.4.4) were resolving requests for google.ro and other major .RO websites to the IP address hosting the defacement page ," Tanase said. Google
cyber security

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.
Israeli Hackers Leak Credit Card Data from Palestine ISP

Israeli Hackers Leak Credit Card Data from Palestine ISP

Nov 19, 2012
Along war with airstrikes between Israel and Palestine, Cyber war between hackers from both country on fire. First Hackers from all over world who supporting Palestine start attacking Israeli sites, now a hacker going by name " yourikan " has leaked a complete database from an ISP called PALNET (https://www.palnet.ps). In a statement, hacker told 'The Hacker News', " this is in react of the latest terror from Palestine in the missiles against Israel and the cyber war against us say no to Palestine! say no to terror! " Leaked database has been posted on pastebin and downloadable file on anonfiles and including credit card details and full personal address, numbers, names of various Israeli users and admin password and snmp secrets files.
Israeli Bing, MSN, Skype, Live and other Defaced by Pakistani hackers

Israeli Bing, MSN, Skype, Live and other Defaced by Pakistani hackers

Nov 19, 2012
Where Anonymous declared war on the Israeli websites , today another Pakistani hacking group also came forward in support of GAZA by taking down multiple big Israeli sites and deface all Microsoft related Israeli domains including Bing, MSN, Skype, Live and other. Hacker start with " The Notorious Hackers are Back " , including 1337, H4x0rL1f3 , ZombiE_KsA and Invectus. But we are in contact with ZombiE_KsA (Founder of PakBug Forum) from last 2 years, so I just ask ZombiE_KsA about his involvement in this hack, and he clearly declined his involvement and said that other Pakistani hackers are using his name without permission in the Israeli deface pages to show his support , " and they copied my index as well, " he said. Anyway, deface page said, " on the behalf of all Pakistani and all Muslims," promising that "your war on Gaza will make you cry blood. " Zone-h of all defaced sites are available  here . Defaced domains are :
Pizza Hut defaced, Authorities denies theft of 240000 Credit Cards

Pizza Hut defaced, Authorities denies theft of 240000 Credit Cards

Nov 07, 2012
Yesterday Australian Pizza Hut website was compromised by a hacking group going by the name of 0-Day and Pyknic . Hackers defaced the website and claim that they made off with 260,000 Australian credit card numbers. Hack was 1st noticed by  Whirlpool Forum users. But a Pizza Hut spokeswoman said the company did not store such information on its website. " Pizza Hut can confirm that a layer of its website, pizzahut.com.au , was breached with access gained to names and contact information, including email addresses ". " We are working with our website providers to conduct a thorough investigation of the matter and have also reported the incident to the Office of the Australian Information Commissioner. We would like to reassure all of our customers that absolutely no credit card information was stolen and there is no need for concern regarding credit cards." "The security of our online ordering system has not been compromised in any way and our customers ca
Oracle website saying - "Hello World" , is it a Hack ?

Oracle website saying - "Hello World" , is it a Hack ?

Oct 13, 2012
This afternoon I just got a ping from one of my Friend that Oracle website compromised. Its hard to believe that ORACLE can be compromised ? So lets explore that what going on: Oracle.com , Website Oracle Corporation ,  ( an American multinational computer technology corporation that specializes in developing and marketing computer hardware systems and enterprise software products – particularly database management systems ) homepage showing just " HELLO WORLD " text on page. I tried to open it via mobile, it redirect me to mobile version at  Oracle.mobi , Yes its working fine as normal. Then we start moving on Twitter to find out whats going on, Lots of people tweeting about this and everyone seems to be confused that IS IT A HACK ? or the site is Under Maintenance ? Okay, Next I move to ORACLE twitter accounts @Oracle @OracleDatabase to find out either they have tweeted about this Strange update or not , But there was no tweet from their side from last 12 H
Cybersecurity Resources